VNCPwdump can be used to dump and decrypt the registry key containing the encrypted VNC password in a few different ways. It supports dumping and decrypting the password by: Dumping the current users registry key, retrieving it from a NTUSER.DAT file, decrypting a command line supplied encrypted password, and injecting the VNC process and dumping the owner's password.
ebf49f069d3620f60c4c84681dfca3061ff616033ee023578474e84bc7623eed